Patch Tuesday Support Group December Webinar
|
Webinar Summary
In this group healing session, we’ll hear from Jordan Benzing regarding the latest round of Microsoft and 3rd Party patches and highlight those that present particularly disturbing vulnerabilities. Then Bryan Dam will spend a few minutes discussing general industry news relevant to fellow system administrators. Our good friend Gary Blok will also join us and talk about some of his recent technical exploits.
Our hope for this support group is to provide a short, 30-ish-minute session that fellow system administrators will find helpful in keeping up with our fast-paced industry. Life comes at you fast, so we intend to stay brief and high-level while pointing you toward resources that dig deep if you need to.
Webinar Hosts
Bryan Dam
Patch My PC Software Engineer
Jordan Benzing
Patch My PC Security Engineer Lead
Gary Blok
Writer of GARYTOWN ConfigMgr Blog
Register now!
Can’t attend or want to watch at a later time? Register anyway! We send the recording to all registrants after the webinar.
Patch Tuesday Support Group December Webinar
Webinar Summary
In December’s group healing session, you’ll hear from Jordan Benzing and Bryan Dam about the latest round of Microsoft and 3rd Party patches, particularly disturbing vulnerabilities, and general industry news relevant to fellow system administrators. Then, our good friend Gary Blok will also join us and talk about some of his recent technical exploits.
Watch the Webinar Recording
Webinar Hosts
Bryan Dam
Patch My PC
Software Engineer
Jordan Benzing
Patch My PC
Security Engineer Lead
Gary Blok
Guest Speaker
GARYTOWN ConfigMgr Blog
Patch Tuesday Support Group Webinar Recap
Patch Tuesday December News
Windows 11, version 23H2 Released. — Copilot in Intune, Copilot in Windows, Windows Passwordless, Multi-App Kiosk with working start menu, LAPS Native Integration. What’s new in Windows 11, version 23H2 for IT pros – What’s new in Windows | Microsoft Learn
Ignite Highlights for Intune. — February general availability for Enterprise App Management, Advanced Analytics, and Cloud PKI. Copilot in Intune private preview. Microsoft Intune news at Microsoft Ignite 2023 | Microsoft Intune Blog
What’s new in Microsoft Intune. — Support for unmanaged PKG-types apps for MacOS, MAM support for GCC and GCC High, Settings Catalog includes Windows Subsystem for Linux (WSL) configuration, and Win32 Apps size limit was bumped to 30Gb by default. What’s new in Microsoft Intune | Microsoft Learn
Microsoft is pushing for Mac management. — Now is the time—manage your Mac endpoints with Microsoft Intune | Microsoft Intune Blog
Configuration Manager 2309. — One of the most problematic upgrades in a while; make sure to install ODBC Driver for SQL Server 18.1.0 or later before you upgrade, must remove resource access policies that not depreciated, and post-upgrade step to reconfigure CMG. Supports native Windows update and reboot UX. Support for changing the Windows Edition. Windows 11 Upgrade Readiness Dashboard; anecdotal results suggest issues, either missing data or outright console crash. What’s new in version 2309 – Configuration Manager | Microsoft Learn
Azure Automation Update Management Depreciated. — Partly because the Log Analytics agent (MMA) is being depreciated. Being replaced by Azure Update Manager, which requires on-prem servers to be connected via Arc and is ‘up to’ $5 / month. Azure Automation Update Management overview | Microsoft Learn
PowerShell 7.4 General Availability. — What’s new in Windows 11, version 23H2 for IT pros. Learn more about what’s new in Windows 11 version 23H2, including servicing updates, Windows Subsystem for Linux, the latest CSPs, and more. PowerShell 7.4 General Availability – PowerShell Team (microsoft.com)
Microsoft Patches of Note
View the full list of Patch Tuesday release notes at Patch Tuesday Blog Home Page – Patch Tuesday Blog
Updates Released: 59
Critical Severity: 50
Important Severity: 4
Moderate Severity: 5
Unique CVES: 43
Insight into CVEs
No .NET updates this month
Secure Boot Security Feature Bypass Vulnerability — CVE-2023-24932 Score 6.7 Requires local access, exploitation detected in wild. The security update addresses the vulnerability by updating the Windows Boot Manager, but is not enabled by default. Additional steps are required at this time to mitigate the vulnerability. Please refer to the following for steps to determine impact on your environment: KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 – Microsoft Support
Windows MSHTML Platform Remote Code Execution Vulnerability — CVE-2023-35628 Score 8.1 Network based attack, less likely. It leverages the MSHTML platform, so when you open the preview window of e-mails in Outlook, it creates an opportunity for attacker to launch a website and do remote code execution on the machine. NOTE: It does not require the user to actually click on a link inside of an e-mail. It just requires them to open the e-mail.
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability — CVE-2023-35618 Score 9.6 Network based attack, less likely. This vulnerability could lead to a browser sandbox escape and could allow the attacker to gain the privileges needed to perform code execution. Less likely because it requires an attacker to entice user into using a website, likely through a phishing e-mail.
Third Party Updates from PMPC
Total Number of Updates: 1936
Total Number of CVES: 244
Critical: 61
Moderate: 1531
Low: 8
Browser Patch Specifics
Chrome: 12 Patches
FireFox: 180 Patches
Microsoft Edge: 12 Patches
Opera: 10 Patches